Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D8A382C99211EF98BDB86F762E951A.roa
File: 72D8A382C99211EF98BDB86F762E951A.roa (raw, json)
Hash identifier: 8F0oCiQnNR7Xr/2V2i+FKXNwaNmSYarmWx/U1RYSTxE=
Subject key identifier: 4C:93:E0:5C:EF:67:6E:39:FD:D0:B5:67:EF:4D:91:8F:BC:E5:8B:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5F1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D8A382C99211EF98BDB86F762E951A.roa
Signing time: Fri 03 Jan 2025 05:20:30 +0000
ROA not before: Fri 03 Jan 2025 05:20:26 +0000
ROA not after: Sat 13 Dec 2025 05:20:26 +0000
asID: 984
IP address blocks: 156.233.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62961 (0xf5f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:20:26 2025 GMT
Not After : Dec 13 05:20:26 2025 GMT
Subject: CN=6777739e-9715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ba:80:34:6c:8a:7c:d3:a3:4b:52:65:70:4e:
8e:9b:a9:88:09:01:c7:33:1e:1a:12:43:dc:32:ab:
88:ce:be:68:fa:fc:0b:71:e1:b7:ae:f7:af:43:d4:
4f:7d:51:be:c7:47:8d:d6:13:a1:0f:47:f8:51:f5:
62:4b:33:ca:57:d0:5f:11:10:09:a3:c6:2d:9d:10:
74:bb:9e:da:c3:55:22:b3:a6:07:d6:d4:a4:10:1e:
f9:57:80:3a:d1:ac:3b:0c:22:88:e3:bd:b3:60:a9:
b9:3a:f2:92:7d:e0:91:5a:f4:93:ac:77:be:9a:6f:
65:6b:f3:9d:f6:c5:3f:da:fd:3c:e2:48:07:a1:b0:
f3:31:17:56:3c:b5:c6:b3:74:5a:d1:21:6c:1e:3d:
d8:20:da:28:04:d2:d0:2e:2b:96:ba:82:a3:f5:98:
27:b6:ef:71:1f:03:00:6a:f5:f6:55:81:1d:03:0c:
16:1f:8c:49:eb:06:7c:af:4d:15:0b:b9:b2:a6:69:
f8:52:3b:5f:94:bf:6c:ad:cc:47:f6:81:6d:a2:fd:
a1:09:d9:eb:00:cf:86:1e:1f:94:c9:63:96:25:77:
3d:0e:4b:8d:a9:cc:69:78:ca:bc:cc:c3:c3:7f:5a:
10:14:7c:0a:56:ed:27:5e:af:b9:50:4b:a1:c4:94:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:93:E0:5C:EF:67:6E:39:FD:D0:B5:67:EF:4D:91:8F:BC:E5:8B:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D8A382C99211EF98BDB86F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.115.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:42:7c:3e:fc:e2:a8:fb:28:e3:0c:50:22:3e:6b:fb:dd:b4:
26:37:f1:d5:0d:14:a7:bf:db:93:1e:c3:ed:9c:a8:0e:c3:69:
33:0f:60:c7:b4:3a:83:81:c0:19:b8:4a:38:a6:a6:5c:36:15:
b1:89:aa:55:c0:42:d4:57:df:dd:bb:37:07:8b:aa:78:3a:79:
a1:fa:a6:c4:fa:9a:69:dd:ca:55:3b:88:40:60:14:98:7e:10:
d2:62:0a:64:e5:58:d8:ef:c2:8b:eb:04:2b:af:c5:2b:70:8e:
39:e5:76:46:7d:23:5a:f1:0e:15:23:02:d2:5c:b1:2d:eb:71:
66:a2:d6:80:8d:b1:78:5f:57:b7:e4:19:60:b2:0b:27:fc:aa:
de:c0:5c:4d:b1:02:30:83:c9:b7:4d:3a:fa:cc:7b:93:e7:b3:
8e:bb:eb:53:62:fd:f1:fe:e4:56:73:04:45:2a:23:24:d7:22:
38:6b:d9:06:02:7a:7c:7e:61:3d:28:8a:ef:1a:2a:89:0b:13:
62:49:56:bc:f0:8c:d4:00:88:4e:a4:db:8e:6f:d3:f8:a8:ee:
91:06:59:9e:67:6a:43:8a:e4:0b:f3:cf:d7:99:59:2a:e8:e6:
e5:e4:3a:9a:57:5e:d1:be:61:45:ed:c7:81:93:ab:24:a0:5a:
ec:67:e3:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUyMDI2WhcNMjUxMjEzMDUyMDI2WjAYMRYw
FAYDVQQDEw02Nzc3NzM5ZS05NzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7LqANGyKfNOjS1JlcE6Om6mICQHHMx4aEkPcMquIzr5o+vwLceG3rvev
Q9RPfVG+x0eN1hOhD0f4UfViSzPKV9BfERAJo8YtnRB0u57aw1Uis6YH1tSkEB75
V4A60aw7DCKI472zYKm5OvKSfeCRWvSTrHe+mm9la/Od9sU/2v084kgHobDzMRdW
PLXGs3Ra0SFsHj3YINooBNLQLiuWuoKj9Zgntu9xHwMAavX2VYEdAwwWH4xJ6wZ8
r00VC7mypmn4UjtflL9srcxH9oFtov2hCdnrAM+GHh+UyWOWJXc9DkuNqcxpeMq8
zMPDf1oQFHwKVu0nXq+5UEuhxJQtLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEyT
4FzvZ245/dC1Z+9NkY+85Ys0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MkQ4QTM4MkM5OTIxMUVGOThCREI4NkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlzMA0GCSqGSIb3DQEBCwUA
A4IBAQBLQnw+/OKo+yjjDFAiPmv73bQmN/HVDRSnv9uTHsPtnKgOw2kzD2DHtDqD
gcAZuEo4pqZcNhWxiapVwELUV9/duzcHi6p4Onmh+qbE+ppp3cpVO4hAYBSYfhDS
Ygpk5VjY78KL6wQrr8UrcI455XZGfSNa8Q4VIwLSXLEt63FmotaAjbF4X1e35Blg
sgsn/KrewFxNsQIwg8m3TTr6zHuT57OOu+tTYv3x/uRWcwRFKiMk1yI4a9kGAnp8
fmE9KIrvGiqJCxNiSVa88IzUAIhOpNuOb9P4qO6RBlmeZ2pDiuQL88/XmVkq6Obl
5DqaV17RvmFF7ceBk6skoFrsZ+PE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:23 2025 by rpki-client